improving security and access to network with smart badge
DESCRIPTION
Improving Security and Access to Network with Smart Badge. Eril Pasaribu CISA,CISSP Security Consultant. AGENDA. Background Core Technologies Schlumberger Solutions Questions & Answers. Market facts (CSI/FBI). How Does One Authenticate?. One Factor - What you know â Password - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/1.jpg)
1 SPD
Improving Security and Access Improving Security and Access to Network with Smart Badgeto Network with Smart Badge
Improving Security and Access Improving Security and Access to Network with Smart Badgeto Network with Smart Badge
Eril Pasaribu CISA,CISSPSecurity Consultant
![Page 2: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/2.jpg)
2 SPD
AGENDAAGENDA
⢠Background⢠Core Technologies⢠Schlumberger Solutions⢠Questions & Answers
![Page 3: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/3.jpg)
3 SPD
Market facts (CSI/FBI)Market facts (CSI/FBI)
![Page 4: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/4.jpg)
4 SPD
How Does One Authenticate?How Does One Authenticate?
⢠One Factor - What you know â Password⢠Two Factors - What you have â Smart card⢠Three Factors - What you are â Biometric
=> Balance between convenience, privacy, and security
![Page 5: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/5.jpg)
5 SPD
A Corporate Smart Badge?A Corporate Smart Badge?
⢠Passwords are expensive and provide poor security⢠Many different standards increase management
complexity and help desk support⢠Increasing network fraud, poor security around
transactions and messaging⢠Hard drive based security can be improved
=>One single ID card for both secure physical and =>One single ID card for both secure physical and logical accesslogical access
![Page 6: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/6.jpg)
6 SPD
Smart Cards for Corporate Login
Smart Cards for Corporate Login
0
20
40
60
80
100
2001 2002 2003 2004
Mill
ion
Uni
tsDataquest/Card Technology 5/01
By YE â04 33% of W2K/XP users
will login via smart card
(Gartner Group)
![Page 7: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/7.jpg)
7 SPD
CORE TECHNOLOGIESCORE TECHNOLOGIES
⢠Public Key Infrastructure⢠Smart Cards⢠Proximity Cards
![Page 8: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/8.jpg)
8 SPD
PKI Symmetric Model
PKI Symmetric Model
![Page 9: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/9.jpg)
9 SPD
PKI Asymmetric Model
PKI Asymmetric Model
![Page 10: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/10.jpg)
10 SPD
PKI Public Key Cryptography Fundamentals
PKI Public Key Cryptography Fundamentals
⢠Two keys, one you keep secret (private) and one you let everyone else know (public)
⢠Important property:â If data is encrypted with a public key, the only way to
decrypt is by having the private keyâ If data is encrypted with a private key, the only way to
decrypt is by having the public key
⢠Combined with secret key algorithms provides: authentication, bulk encryption, and integrity
![Page 11: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/11.jpg)
11 SPD
Digital CertificatesDigital Certificates
⢠Public Keys are distributed in the form of Certificates.â Binding between âidentityâ and a public keyâ Digital equivalent of employee badge, drivers license â
universalâ Issued by Certificate Authorities (CAs) to clients,
servers, objectsâ Trust and accreditation of CA is a major component of
Public Key Infrastructure: to what extent can you be sure a certificate truly binds a public key to an entity
⢠A Digital Certificate contains the senderâs public key, and also the trusted authorityâs digital signature.
![Page 12: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/12.jpg)
12 SPD
Whatâs in a Digital Certificate?
⢠Defined by ITU standard X.509â supported by Netscape,iPlanet, Entrust, MS IE, MS
IIS, Lotus Domino 5, âŚ
⢠Certificate typically contain:â Name of owner and their public keyâ Name and signature of Certificate Authorityâ Expiration date, serial numberâ Algorithms used for encryption & signing
⢠X.509 v3 permits arbitrary attribute-value pairs (e.g. credit card #, access control information, certificate policiesâŚ.)
![Page 13: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/13.jpg)
13 SPD
Smart Card Overview
Smart Card Overview
⢠Total sales of 1.5B units in 2000â GSM requires smart card (SIM)â Credit cards, AMEX blue, DoD.
⢠Already a proven, secure technology⢠Almost unanimous agreement among analysts and
experts that smart cards are an ideal token for storage of important digital credentials, such as private keys, biometrics, etc.
![Page 14: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/14.jpg)
14 SPD
Reflex 72 Reflex 20
CARD READERS
Middleware
CRYPTO CARD
Cryptoflex
4K, 8K, 16K
JAVA CRYPTO CARDS
Cyberflex Palmera Protect
16K, 32K
Cyberflex Access II
16K, 32K
SLB Smart Card Products
SLB Smart Card Products
![Page 15: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/15.jpg)
15 SPD
e-Gate: the next generatione-Gate: the next generation
⢠e-Business Smart Card: Access e-Gateâ 32K Access II card with embedded USB driver.
â Simple, inexpensive reader plugs directly into USB port
â e-Gate Card+Reader vs. ISO Card+Reader: 30% less
â Electron dâor award, 2000
![Page 16: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/16.jpg)
16 SPD
Smart Card KitsSmart Card Kits
![Page 17: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/17.jpg)
17 SPD
Proximity CardsProximity Cards
⢠HID Proximity Cardâ 125 kHz proximity antenna and chipâ Popular in the USâ Personalize by HID
⢠MIFARE Contactless Smart Cardâ 13.56 MHz contactless antennaâ Popular outside of the USâ Personalize by our CIS
![Page 18: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/18.jpg)
18 SPD
Schlumberger Smart Badge Integration
Network accessSecure log inDigital signaturesWeb authenticationPassword storagePublic key infrastructure
Paymentloyalty programs
Physicalaccess
Corporateidentity
E-commerceentitlement control
⢠authentication⢠authorization⢠accounting
![Page 19: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/19.jpg)
19 SPD
Single Sign-On (SSO)
Single Sign-On (SSO)
⢠Enable authentication to be managed consistently across the enterprise
⢠Allow a user to log in just once⢠Transparent access to a variety of permitted
information systems⢠Integration of stronger authentication services to
support SSO using the Corporate Badge
![Page 20: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/20.jpg)
20 SPD
Smart LoginSmart Login
⢠Smart Card based password store for Windows, enabling reduced Sign On.
⢠Support IE, Netscape, and any Windows Login dialog.
⢠Windows 2000/NT/9x.⢠Automatic Login.
![Page 21: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/21.jpg)
21 SPD
DemoDemo
Demonstrate Smart Card Login on Windows 2000And secure screen lock
![Page 22: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/22.jpg)
22 SPD
Demo 1-2Demo 1-2
⢠After Windows boot, SLB GINA dialog is displayed
⢠On card insertion, user is prompted for PIN verification
⢠If successful, access is granted to desktop and related networks
![Page 23: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/23.jpg)
23 SPD
Demo 2-2Demo 2-2
⢠On card removal (typically when the user walks away from his computer), the computer locks itself automatically
⢠It is unlocked using the same process as initial logon (PIN verification
![Page 24: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/24.jpg)
24 SPD
SC & ReaderCard Software
Directory CA PolicyServer CMS
Physical Access
TechnicalConsulting
CustomApplications
E-CommerceVPN
Loyalty
Design &Integration
Project ManagementDeploymentTraining24x7 Help Desk
Schlumbergerâs total solution
![Page 25: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/25.jpg)
25 SPD
Smart Badge Movie
![Page 26: Improving Security and Access to Network with Smart Badge](https://reader036.vdocuments.site/reader036/viewer/2022062519/568152f3550346895dc10ebe/html5/thumbnails/26.jpg)
26 SPD
Q & AsQ & As
Questions and Answers